Closed ShujaathKhan closed 3 weeks ago
Can you elaborate more on how you're not able to create the SSO session? From the end user's perspective (as well as the bot's perspective), what happens once you get the code back in end-auth.html?
I'm looking for any elegant code where we can save the code we receive at end-auth.html in turnState so the login link doesn't come up when the user tries to do some search query.
Hey @ShujaathKhan,
You can refer to my repository for third-party SSO: https://github.com/kjboogie/M365-Copilot-Plugin-Message-extension-SSO-Third-party-authentication
You cannot use ApplicationBuilder() to initiate the authentication for a third party. This is only valid with Microsoft's internal SSO auth. Also, you need to initiate authentication from the server side, specifically from handleTeamsMessagingExtensionQuery(context: TurnContext, query: MessagingExtensionQuery), so that when your client closes after token generation, via auth-end.html, we are sending back the token and it should be accessible inside this function by context.activity.value.state.
When your handleTeamsMessagingExtensionQuery() initiates something that goes outside the Teams client, the Teams client waits and captures it in the same function inside 'context'.
In auth-end.html, microsoftTeams.authentication.notifySuccess(hashParams['code']); sends a response back to the Teams client. We capture this code and generate tokens that are later set in the 'memory storage' of botbuilder.
From searchApps.ts - we will send ComposeExtension of type 'auth' to the front end to initiate signing. Create a function and call it from handleTeamsMessagingExtensionQuery(). You can call like - return this.staticHtmlPage();
From auth.html/auth-start.html - We will call out the third-party auth URL with a redirect URL to auth-end.html
From auth-end.html - we will send the generated code back to our Teams client, i.e. handleTeamsMessagingExtensionQuery(). You can access the code by - context.activity.value.state
I am saving the token in UserState and saving the UserState to MemoryStorage. Both of these are part of "botbuilder". I am already initializing these in index.ts and passing them to searchApps while initializing them from index.ts.
Hope this solution will fix your problem.
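The flow described in the comment above, as an added TypeScript sketch that is not part of the thread or of the linked repository: the query handler first reuses a cached per-user token, then tries the code returned through notifySuccess(), and only otherwise sends the 'auth' sign-in response. Local types stand in for botbuilder's objects; exchangeCode, search, signInUrl, the code-shape regex and the string attachments are assumptions.

```typescript
// Added example: local types stand in for botbuilder's query, token and response objects.
type MeQuery = { state?: string; searchText: string };
type IdpToken = { accessToken: string; expiresAt: number };
type MeReply =
  | { composeExtension: { type: "auth"; suggestedActions: { actions: { type: "openUrl"; value: string; title: string }[] } } }
  | { composeExtension: { type: "result"; attachmentLayout: "list"; attachments: string[] } };

// Hypothetical dependencies supplied by the bot: the IdP code exchange and the search backend.
type Deps = {
  exchangeCode: (code: string) => Promise<IdpToken>;
  search: (text: string, accessToken: string) => Promise<string[]>;
  signInUrl: string; // assumed URL of auth-start.html
  now: () => number;
};

// Per-user token cache keyed by sender id (stands in for UserState over MemoryStorage).
const tokenCache: Record<string, IdpToken> = {};

const CODE_SHAPE = /^[A-Za-z0-9._~\-]{8,512}$/; // assumed format; tighten to your IdP's codes

async function handleQuery(userId: string, query: MeQuery, deps: Deps): Promise<MeReply> {
  let token: IdpToken | undefined = tokenCache[userId];
  if (token && token.expiresAt <= deps.now()) {
    delete tokenCache[userId]; // expired: force a fresh sign-in
    token = undefined;
  }
  // query.state carries whatever auth-end.html passed to notifySuccess(); treat it as untrusted.
  if (!token && query.state && CODE_SHAPE.test(query.state)) {
    try {
      token = await deps.exchangeCode(query.state); // server-side exchange; the code is never stored
      tokenCache[userId] = token;
    } catch {
      token = undefined; // rejected code: fall through to the sign-in prompt
    }
  }
  if (!token) {
    return { composeExtension: { type: "auth", suggestedActions: { actions: [
      { type: "openUrl", value: deps.signInUrl, title: "Sign in" } ] } } };
  }
  const attachments = await deps.search(query.searchText, token.accessToken);
  return { composeExtension: { type: "result", attachmentLayout: "list", attachments } };
}
```

Because the cache is keyed by the sender's id, one user's token is never served to another user's query; botbuilder's MemoryStorage is in-process, so cached tokens disappear when the bot restarts.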
Thanks @kjboojie for the solution. @ShujaathKhan can you share if this fixes your problem?
I'm closing this issue for now. @ShujaathKhan please re-open if your problem still persists.
Language
Javascript/Typescript, Python
Version
latest
Description
We're looking at the scenario where we can integrate a third-party IdP in a Microsoft Teams message extension with SSO.
We got started with the sample repo placed over here: 1. https://github.com/microsoft/teams-ai/tree/main/js/samples/05.authentication/e.teamsSSO-messageExtension
The ultimate goal here is to have M365 Copilot work with the plugin and get items based on context. For example, assuming gmail.com, it should be able to get mails based on the logged-in user.
Reproduction Steps